Direct Debit Transactions: A Comprehensive Analysis of Emerging Attack Patterns

In the recent years payment systems in Europe are evolved to a new scenario where transactions and retail payments take place according to the SEPA (Single Euro Payments Area) Regulation. SEPA is an initiative of the European banking industry aiming at making all electronic payments across the Euro area -- e.g. by credit card, debit card, bank transfer or direct debit -- as easy as domestic payments currently are. One of the payment schemes defined by the SEPA mandate is the SEPA Direct Debit (SDD) that allows a creditor (biller) to collect funds from a debtor´s (payer´s) account, provided that a signed mandate has been granted by the payer to the biller. Thanks to SDD consumers can make and receive no-cash euro payments with a single set of instructions and a single bank account. It is apparent that the use of this standard scheme facilitates the access to new markets by enterprises and public administrations and allows for a substantial cost reduction. However, the other side of the coin is represented by the security issues concerning this type of electronic payments. A study conducted by Center of Economics and Business Research (CEBR) of Britain, on behalf of Liverpool Insurance Company, showed that from 2006 to 2010 the Direct Debit frauds have increased of 288%. In this paper a comprehensive analysis of real SDD data provided by the EU FP7 LeanBigData project is performed in order to identify and classify emerging and sophisticated attack patterns that can be executed against an SDD service. The results of this data analysis will be used to inspire the design of a security system supporting analysts to detect Direct Debit frauds.